If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

What would JP do?

Hey I though i should just post this 4 the hell of it, but, JP what would u do if someone accually broke in and defaced your site with a prog YOU listed for download at your security download section. besides just take that prog down maybe.
Anyone else, what do u think u should have happen?
I mean you do list a hack attempts log on your site.

I would hope that JP (and any other self-respecting security specialist) would just suck it up and admit they screwed up. Removing the program would be utterly stupid. Thankfully, Antionline had (and I assume still has) their full-disclosure policy. When they were hacked for the first time a while back, JP came right out. Heck, when they hadn't been hacked (but people made it look like they had), JP came right out and explained what was happening.

With over 3million hack attempts a year, we're bound to get hacked every now and then. You'll notice that most security sites have very few interactive features, and just basically serve up simple html. The less user interaction, the less chance you have of getting hacked. Complexity is sort of the enemy of most security admins.

I, however, think it's stupid not to have interaction and all of the bells and whistles that other sites have. If we get hacked, oh well. It will be a learning experience. We'll patch the hole, and put the site back up.

Since this site's been around (starting in 1993), we've gotten nearly 9 million intrusion attempts. Only two were successful, and neither of them managed to penetrate our internal lan, or any of our internal servers, just simple webpage defacements.